
client_channel_stress_test: fake resolver use-after-free at shutdown #18511

@markdroth


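ThreadSanitizer report from a client_channel_stress_test run (poller=poll). The trace below shows `FakeResolverResponseGenerator::SetResponseLocked` (fake_resolver.cc:170), run from the combiner on the timer thread, reading the response generator after the main thread released its last reference in `~ClientChannelStressTest()` (client_channel_stress_test.cc:132). Full log:

https://source.cloud.google.com/results/invocations/98d72190-c0d3-4d32-a6da-19393cba3ae1/targets/%2F%2Ftest%2Fcpp%2Fclient:client_channel_stress_test@poller%3Dpoll/log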

==================
WARNING: ThreadSanitizer: heap-use-after-free (pid=21)
  Read of size 8 at 0x7b0c00000318 by thread T3:
    #0 grpc_core::FakeResolverResponseGenerator::SetResponseLocked(void*, grpc_error*) /proc/self/cwd/src/core/ext/filters/client_channel/resolver/fake/fake_resolver.cc:170 (liblibgrpc_Uresolver_Ufake.so+0x7235)
    #1 grpc_combiner_continue_exec_ctx() /proc/self/cwd/src/core/lib/iomgr/combiner.cc:268 (liblibgrpc_Ubase_Uc.so+0x6d5f2)
    #2 grpc_core::ExecCtx::Flush() /proc/self/cwd/src/core/lib/iomgr/exec_ctx.cc:151 (liblibgrpc_Ubase_Uc.so+0x93752)
    #3 pollset_work(grpc_pollset*, grpc_pollset_worker**, long) /proc/self/cwd/src/core/lib/iomgr/ev_poll_posix.cc:1082 (liblibgrpc_Ubase_Uc.so+0x8a955)
    #4 pollset_work(grpc_pollset*, grpc_pollset_worker**, long) /proc/self/cwd/src/core/lib/iomgr/ev_posix.cc:320 (liblibgrpc_Ubase_Uc.so+0x91ee8)
    #5 grpc_pollset_work(grpc_pollset*, grpc_pollset_worker**, long) /proc/self/cwd/src/core/lib/iomgr/pollset.cc:48 (liblibgrpc_Ubase_Uc.so+0x9b7d2)
    #6 run_poller(void*, grpc_error*) /proc/self/cwd/src/core/ext/filters/client_channel/backup_poller.cc:122 (liblibgrpc_Uclient_Uchannel.so+0x45ac8)
    #7 exec_ctx_run(grpc_closure*, grpc_error*) /proc/self/cwd/src/core/lib/iomgr/exec_ctx.cc:40 (liblibgrpc_Ubase_Uc.so+0x939eb)
    #8 grpc_core::ExecCtx::Flush() /proc/self/cwd/src/core/lib/iomgr/exec_ctx.cc:148 (liblibgrpc_Ubase_Uc.so+0x93736)
    #9 run_some_timers() /proc/self/cwd/src/core/lib/iomgr/timer_manager.cc:140 (liblibgrpc_Ubase_Uc.so+0xc740d)
    #10 timer_main_loop() /proc/self/cwd/src/core/lib/iomgr/timer_manager.cc:246 (liblibgrpc_Ubase_Uc.so+0xc7009)
    #11 timer_thread(void*) /proc/self/cwd/src/core/lib/iomgr/timer_manager.cc:293 (liblibgrpc_Ubase_Uc.so+0xc6efa)
    #12 grpc_core::(anonymous namespace)::ThreadInternalsPosix::ThreadInternalsPosix(char const*, void (*)(void*), void*, bool*, grpc_core::Thread::Options const&)::{lambda(void*)#1}::operator()(void*) const /proc/self/cwd/src/core/lib/gprpp/thd_posix.cc:114 (liblibgpr_Ubase.so+0x113fe)
    #13 grpc_core::(anonymous namespace)::ThreadInternalsPosix::ThreadInternalsPosix(char const*, void (*)(void*), void*, bool*, grpc_core::Thread::Options const&)::{lambda(void*)#1}::__invoke(void*) /proc/self/cwd/src/core/lib/gprpp/thd_posix.cc:84 (liblibgpr_Ubase.so+0x11208)

  Previous write of size 8 at 0x7b0c00000318 by main thread:
    #0 free /tmp/clang-build/src/compiler-rt/lib/tsan/rtl/tsan_interceptors.cc:708 (client_channel_stress_test+0x499504)
    #1 gpr_free /proc/self/cwd/src/core/lib/gpr/alloc.cc:77 (liblibgpr_Ubase.so+0x6688)
    #2 void grpc_core::Delete<grpc_core::FakeResolverResponseGenerator>(grpc_core::FakeResolverResponseGenerator*) /proc/self/cwd/./src/core/lib/gprpp/memory.h:55 (client_channel_stress_test+0x52b97f)
    #3 grpc_core::RefCounted<grpc_core::FakeResolverResponseGenerator, grpc_core::PolymorphicRefCount>::Unref() /proc/self/cwd/./src/core/lib/gprpp/ref_counted.h:199 (client_channel_stress_test+0x52b817)
    #4 grpc_core::RefCountedPtr<grpc_core::FakeResolverResponseGenerator>::~RefCountedPtr() /proc/self/cwd/./src/core/lib/gprpp/ref_counted_ptr.h:103 (client_channel_stress_test+0x52aeb5)
    #5 grpc::testing::(anonymous namespace)::ClientChannelStressTest::~ClientChannelStressTest() /proc/self/cwd/test/cpp/client/client_channel_stress_test.cc:132 (client_channel_stress_test+0x5032eb)
    #6 main /proc/self/cwd/test/cpp/client/client_channel_stress_test.cc:339 (client_channel_stress_test+0x502b9c)

  Thread T3 'grpc_global_tim' (tid=25, running) created by main thread at:
    #0 pthread_create /tmp/clang-build/src/compiler-rt/lib/tsan/rtl/tsan_interceptors.cc:966 (client_channel_stress_test+0x49a5b5)
    #1 grpc_core::(anonymous namespace)::ThreadInternalsPosix::ThreadInternalsPosix(char const*, void (*)(void*), void*, bool*, grpc_core::Thread::Options const&) /proc/self/cwd/src/core/lib/gprpp/thd_posix.cc:83 (liblibgpr_Ubase.so+0x10e41)
    #2 grpc_core::(anonymous namespace)::ThreadInternalsPosix* grpc_core::New<grpc_core::(anonymous namespace)::ThreadInternalsPosix, char const*&, void (*&)(void*), void*&, bool*, grpc_core::Thread::Options const&>(char const*&, void (*&)(void*), void*&, bool*&&, grpc_core::Thread::Options const&) /proc/self/cwd/./src/core/lib/gprpp/memory.h:47 (liblibgpr_Ubase.so+0x108a8)
    #3 grpc_core::Thread::Thread(char const*, void (*)(void*), void*, bool*, grpc_core::Thread::Options const&) /proc/self/cwd/src/core/lib/gprpp/thd_posix.cc:160 (liblibgpr_Ubase.so+0x1062f)
    #4 start_timer_thread_and_unlock() /proc/self/cwd/src/core/lib/iomgr/timer_manager.cc:98 (liblibgrpc_Ubase_Uc.so+0xc6e27)
    #5 start_threads() /proc/self/cwd/src/core/lib/iomgr/timer_manager.cc:302 (liblibgrpc_Ubase_Uc.so+0xc6882)
    #6 grpc_timer_manager_init() /proc/self/cwd/src/core/lib/iomgr/timer_manager.cc:325 (liblibgrpc_Ubase_Uc.so+0xc67fe)
    #7 grpc_iomgr_start() /proc/self/cwd/src/core/lib/iomgr/iomgr.cc:63 (liblibgrpc_Ubase_Uc.so+0x98485)
    #8 grpc_init /proc/self/cwd/src/core/lib/surface/init.cc:161 (liblibgrpc.so+0x3efd)
    #9 main /proc/self/cwd/test/cpp/client/client_channel_stress_test.cc:333 (client_channel_stress_test+0x502b43)

SUMMARY: ThreadSanitizer: heap-use-after-free /proc/self/cwd/src/core/ext/filters/client_channel/resolver/fake/fake_resolver.cc:170 in grpc_core::FakeResolverResponseGenerator::SetResponseLocked(void*, grpc_error*)
==================
